Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/81gmUVDET8fuK66of4RZQHSaKb9iVHv3BW4ywuW9AP4b/0/34352e3137312e3137322e302f32322d3234203d3e203532383632.roa
File:                     34352e3137312e3137322e302f32322d3234203d3e203532383632.roa (raw, json)
Hash identifier:          95scWh4LeioFk+DMeWaqzAg34zWKj674aUUx7F13QWU=
Subject key identifier:   31:65:52:C2:DD:85:28:92:26:04:FA:68:8F:3C:D3:3A:8D:D9:9B:E1
Certificate issuer:       /CN=5A5F04F3CD1DE3A853C1305EF3E9185AAB1E51D5
Certificate serial:       3AA3481C7BFFADB772469949D6BC8FD445396FB3
Authority key identifier: 5A:5F:04:F3:CD:1D:E3:A8:53:C1:30:5E:F3:E9:18:5A:AB:1E:51:D5
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/5A5F04F3CD1DE3A853C1305EF3E9185AAB1E51D5.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/81gmUVDET8fuK66of4RZQHSaKb9iVHv3BW4ywuW9AP4b/0/34352e3137312e3137322e302f32322d3234203d3e203532383632.roa
Signing time:             Fri 16 May 2025 18:39:55 +0000
ROA not before:           Fri 16 May 2025 18:34:55 +0000
ROA not after:            Fri 15 May 2026 18:39:55 +0000
asID:                     52862
IP address blocks:        45.171.172.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/81gmUVDET8fuK66of4RZQHSaKb9iVHv3BW4ywuW9AP4b/0/5A5F04F3CD1DE3A853C1305EF3E9185AAB1E51D5.crl
                          rsync://rpki-repo.registro.br/repo/81gmUVDET8fuK66of4RZQHSaKb9iVHv3BW4ywuW9AP4b/0/5A5F04F3CD1DE3A853C1305EF3E9185AAB1E51D5.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/5A5F04F3CD1DE3A853C1305EF3E9185AAB1E51D5.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 10 Jun 2025 07:02:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:a3:48:1c:7b:ff:ad:b7:72:46:99:49:d6:bc:8f:d4:45:39:6f:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5A5F04F3CD1DE3A853C1305EF3E9185AAB1E51D5
        Validity
            Not Before: May 16 18:34:55 2025 GMT
            Not After : May 15 18:39:55 2026 GMT
        Subject: CN=316552C2DD8528922604FA688F3CD33A8DD99BE1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:43:99:b8:20:c5:0a:ce:9e:8f:1d:bd:90:6e:
                    04:1a:61:9e:00:d5:26:8f:33:37:d9:92:b5:f2:e7:
                    c5:69:95:a5:dc:33:1c:8b:49:19:9a:da:54:c5:52:
                    eb:0d:df:2f:64:a8:a5:37:f2:33:2b:b6:5e:68:fc:
                    5a:12:ef:ab:64:52:1c:cd:15:bc:d7:66:34:be:62:
                    d9:1a:eb:5d:0d:43:12:43:dc:8f:b7:4e:9b:12:50:
                    f1:e0:a3:0b:ff:73:e7:0c:6a:3d:1c:89:76:a4:b4:
                    83:55:0d:fa:9b:cd:89:f4:fc:9b:0c:bf:d7:0c:db:
                    f4:6d:93:33:15:4f:30:34:cb:ad:e4:62:b1:6d:74:
                    5c:a3:12:71:81:a4:9a:e9:66:75:02:2e:82:17:80:
                    09:62:63:c4:a6:14:8f:69:d1:87:fe:6a:92:02:5d:
                    94:37:2a:cf:b1:c7:08:3a:9a:86:64:ec:be:ef:9c:
                    54:ef:80:4e:5f:f1:0d:e5:62:75:dc:5c:7e:c5:ce:
                    0a:1b:b2:a4:3a:5e:56:ed:e8:ef:d1:22:4d:6b:62:
                    ac:53:45:95:e3:0a:1c:7a:af:57:06:74:c4:25:77:
                    a6:bd:63:28:75:5f:34:73:3c:b9:10:ff:64:6d:cf:
                    ee:b1:88:6d:e7:a9:20:5e:ac:7e:cb:07:fa:5d:83:
                    85:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:65:52:C2:DD:85:28:92:26:04:FA:68:8F:3C:D3:3A:8D:D9:9B:E1
            X509v3 Authority Key Identifier:
                keyid:5A:5F:04:F3:CD:1D:E3:A8:53:C1:30:5E:F3:E9:18:5A:AB:1E:51:D5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/81gmUVDET8fuK66of4RZQHSaKb9iVHv3BW4ywuW9AP4b/0/5A5F04F3CD1DE3A853C1305EF3E9185AAB1E51D5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/5A5F04F3CD1DE3A853C1305EF3E9185AAB1E51D5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/81gmUVDET8fuK66of4RZQHSaKb9iVHv3BW4ywuW9AP4b/0/34352e3137312e3137322e302f32322d3234203d3e203532383632.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.171.172.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6b:99:35:f8:60:e6:e6:f2:1d:62:95:db:e4:fb:36:a6:7a:9b:
         e7:4d:b6:20:2a:74:c7:d2:f2:43:8d:3e:bd:66:db:0f:d0:84:
         28:c3:82:04:80:da:9a:b8:7b:64:25:62:2f:9a:1f:d7:34:2a:
         2e:c9:31:a7:34:32:0a:b1:5a:8f:36:34:26:be:5f:4f:30:90:
         e2:e1:9c:96:a8:dd:1b:e6:2f:32:8e:08:61:0e:df:74:0e:17:
         09:16:12:b6:f3:be:6d:12:a8:e0:33:90:03:fc:27:0a:3a:f3:
         88:dd:45:e2:c7:1e:41:78:88:af:fb:01:d9:9b:59:a7:3e:6e:
         a5:ea:90:e5:f4:b2:11:9d:75:db:92:0c:ef:01:0a:ac:a5:f8:
         5e:73:b3:fc:04:fb:ec:db:95:9f:26:2e:98:b7:ff:9a:ca:aa:
         8d:73:eb:61:9f:ad:da:b2:1e:b2:e4:03:ad:84:31:ad:67:69:
         07:25:e5:09:34:67:ed:f0:3f:2b:e2:c4:23:fe:58:fd:cb:ef:
         6a:71:c3:14:95:07:5d:8b:c1:ed:61:03:58:ee:33:c3:2f:5f:
         5a:2b:e6:b0:00:e7:41:ef:fe:87:0d:f0:4f:b6:6e:fa:72:49:
         ec:f0:28:49:90:7b:50:c9:99:d1:91:f4:c1:42:3f:77:83:fa:
         8d:23:fc:de
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUOqNIHHv/rbdyRplJ1ryP1EU5b7MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNUE1RjA0RjNDRDFERTNBODUzQzEzMDVFRjNFOTE4NUFB
QjFFNTFENTAeFw0yNTA1MTYxODM0NTVaFw0yNjA1MTUxODM5NTVaMDMxMTAvBgNV
BAMTKDMxNjU1MkMyREQ4NTI4OTIyNjA0RkE2ODhGM0NEMzNBOEREOTlCRTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/Q5m4IMUKzp6PHb2QbgQaYZ4A
1SaPMzfZkrXy58VplaXcMxyLSRma2lTFUusN3y9kqKU38jMrtl5o/FoS76tkUhzN
FbzXZjS+Ytka610NQxJD3I+3TpsSUPHgowv/c+cMaj0ciXaktINVDfqbzYn0/JsM
v9cM2/RtkzMVTzA0y63kYrFtdFyjEnGBpJrpZnUCLoIXgAliY8SmFI9p0Yf+apIC
XZQ3Ks+xxwg6moZk7L7vnFTvgE5f8Q3lYnXcXH7FzgobsqQ6Xlbt6O/RIk1rYqxT
RZXjChx6r1cGdMQld6a9Yyh1XzRzPLkQ/2Rtz+6xiG3nqSBerH7LB/pdg4WpAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUMWVSwt2FKJImBPpojzzTOo3Zm+EwHwYDVR0j
BBgwFoAUWl8E880d46hTwTBe8+kYWqseUdUwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vODFnbVVWREVUOGZ1SzY2b2Y0UlpRSFNhS2I5aVZIdjNCVzR5d3VXOUFQ
NGIvMC81QTVGMDRGM0NEMURFM0E4NTNDMTMwNUVGM0U5MTg1QUFCMUU1MUQ1LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzVBNUYwNEYzQ0QxREUzQTg1
M0MxMzA1RUYzRTkxODVBQUIxRTUxRDUuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzgxZ21VVkRFVDhmdUs2Nm9mNFJaUUhTYUtiOWlWSHYzQlc0eXd1VzlBUDRiLzAv
MzQzNTJlMzEzNzMxMmUzMTM3MzIyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNTMy
MzgzNjMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQCLausMA0GCSqGSIb3DQEBCwUAA4IBAQBrmTX4YObm
8h1ildvk+zamepvnTbYgKnTH0vJDjT69ZtsP0IQow4IEgNqauHtkJWIvmh/XNCou
yTGnNDIKsVqPNjQmvl9PMJDi4ZyWqN0b5i8yjghhDt90DhcJFhK2875tEqjgM5AD
/CcKOvOI3UXixx5BeIiv+wHZm1mnPm6l6pDl9LIRnXXbkgzvAQqspfhec7P8BPvs
25WfJi6Yt/+ayqqNc+thn63ash6y5AOthDGtZ2kHJeUJNGft8D8r4sQj/lj9y+9q
ccMUlQddi8HtYQNY7jPDL19aK+awAOdB7/6HDfBPtm76ckns8ChJkHtQyZnRkfTB
Qj93g/qNI/ze
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:24:54 2025 by rpki-client